Deck 3: Legal, Ethical, and Professional Issues in Information Security

Every state has implemented uniform laws and regulations placed on organizational use of computer technology.

Established in January 2001,the National InfraGard Program began as a cooperative effort between the FBI's Cleveland Field Office and local technology professionals.

There are four general causes of unethical and illegal behavior.

The key difference between laws and ethics is that ethics carry the authority of a governing body and laws do not.

Studies on ethics and computer use reveal that people of different nationalities have different perspectives;difficulties arise when one nationality's ethical behavior violates the ethics of another national group.

Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage by accident.

DHS is made up of three directorates.

The United States has implemented a version of the DMCA law called the Database Right,in order to comply with Directive 95/46/EC.

The Secret Service is charged with the detection and arrest of any person committing a United States federal offense relating to computer fraud and false identification crimes.

Thirty-four countries have ratified the European Council Cyber-Crime Convention as of April 2010.

The NSA is responsible for signal intelligence and information system security.

Cultural differences can make it easy to determine what is and is not ethical-especially when it comes to the use of computers.

The Association for Computing Machinery and the Information Systems Security Association have the authority to banish violators of their ethical standards from practicing their trade.

Studies have reported that the Pacific Rim countries of Singapore and Hong Kong are hotbeds of software piracy.

HIPAA specifies particular security technologies for each of the security requirements to ensure the privacy of the health-care information.

The difference between a policy and a law is that ignorance of a law is an acceptable defense.

Due care requires that an organization make a valid effort to protect others and continually maintain this level of effort.

The Clipper Chip can be used to monitor or track private communications.

The Department of Homeland Security is the only U.S.federal agency charged with the protection of American information resources and the investigation of threats to,or attacks on,the resources.

The U.S.Secret Service is a department within the Department of the Interior._________________________

The Federal Bureau of Investigation's National InfraGard Program serves its members in four basic ways: Maintains an intrusion alert network using encrypted e-mail;Maintains a secure Web site for communication about suspicious activity or intrusions;Sponsors local chapter activities;Operates a help desk for questions._________________________

In a study on software licence infringement,those from United States were significantly more permissive._________________________

Deterrence can prevent an illegal or unethical activity from occurring._________________________

The communications networks of the United States carry more funds than all of the armored cars in the world combined._________________________

In 1995 the Directive 95/46/EC was adopted by the European Union._________________________

Intellectual privacy is recognized as a protected asset in the United States._________________________

The code of ethics put forth by (ISC)² focuses on four mandatory canons: "Protect society,the commonwealth,and the infrastructure;act honorably,honestly,justly,responsibly,and legally;provide diligent and competent service to principals;and advance and protect the profession."._________________________

The Department of Homeland Security was created in 1999._________________________

The Federal Privacy Act of 1974 regulates government agencies and holds them accountable if they release information about national security._________________________

Civil law addresses activities and conduct harmful to society and is actively enforced by the state._________________________

The Economic Espionage Act of 1996 protects American ingenuity,intellectual property,and competitive advantage._________________________

Ethics define socially acceptable behaviors._________________________

Privacy is not absolute freedom from observation,but rather is a more precise "state of being free from unsanctioned intrusion." _________________________

The Graham-Leach-Bliley Act is a critical piece of legislation that affects the executive management of publicly traded corporations and public accounting firms.______________________________

Guidelines that describe acceptable and unacceptable employee behaviors in the workplace are known as ____________________.

____________________ is the legal obligation of an entity that extends beyond criminal or contract law.

"Long arm ____________________" refers to the long arm of the law reaching across the country or around the world to draw an accused individual into its court systems.

____________________ are rules that mandate or prohibit certain behavior in society.

____________________ are the fixed moral attitudes or customs of a particular group.

Software license infringement is also often called software ____________________.

The ____________________ Act seeks to improve the reliability and accuracy of financial reporting,as well as increase the accountability of corporate governance,in publicly traded companies.

The ______________________________ contains a number of provisions focusing on facilitating affiliation among banks,securities firms,and insurance companies.

The ________________________________________ is the American contribution to an international effort to reduce the impact of copyright,trademark,and privacy infringement,especially when accomplished via the removal of technological copyright protection measures.

The ____________________ Act of 1996 attempts to prevent trade secrets from being illegally shared.

The ___________________________________ is a respected professional society that was established in 1947 as "the world's first educational and scientific computing society."

The low overall degree of tolerance for ____________________ system use may be a function of the easy association between the common crimes of breaking and entering,trespassing,theft,and destruction of property to their computer-related counterparts.

The ____________________ Act of 2001 provides law enforcement agencies with broader latitude in order to combat terrorism-related activities.

Family law,commercial law,and labor law are all encompassed by ____________________ law.

The ________________________________________________________________________________² manages a body of knowledge on information security and administers and evaluates examinations for information security certifications.

The ________________________________________ Association is a professional association that focuses on auditing,control,and security and whose membership comprises both technical and managerial professionals.

List three of the provisions included in the Security And Freedom Through Encryption Act of 1999.

What are the requirements for a policy to become enforceable?

The _________________________ Act of 1966 allows any person to request access to federal agency records or information not determined to be a matter of national security.

Key studies reveal that the overriding factor in leveling the ethical perceptions within a small population is ____________________.

List the five fundamental principles of HIPAA.

The ______________________________ Act of 1986 is a collection of statutes that regulates the interception of wire,electronic,and oral communications.

____________________ information is created by combining pieces of non-private data-often collected during software updates,and via cookies-that when combined may violate privacy.